{"cve":{"cve_id":"CVE-2026-54223","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00628,"epss_percentile":0.45356,"epss_as_of":"2026-06-23","description":"UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file on the application’s server that application has privileges to, what results in Remote Code Execution. \nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.","published_at":"2026-06-18T12:56:22.497000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":8.6,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L","cvss_v4_severity":"HIGH","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-22"],"nvd_references":["https://www.ubbcentral.com/","https://cert.pl/en/posts/2026/06/CVE-2026-54219"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:30:53.764986Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"H","value_label":"High"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SA","name":"Availability (Subsequent System)","value":"L","value_label":"Low"}]},"affected":[{"vendor_slug":"ubb-systems","vendor_name":"UBB Systems","product_slug":"ubb.threads","product_name":"UBB.threads","version_start":"0","version_start_inclusive":true,"version_end":"7.7.5","version_end_inclusive":true,"cpe23_uri":"cve5:ubb-systems:ubb.threads:0:7.7.5"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.ubbcentral.com/","source_type":"MISC","tags":[]},{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-06-18T12:56:22.497000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:55:37.240342Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:55:37.240342Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:55:37.240342Z","label":"CVSS score revised","source":"cvelistv5"}]}